Webapp Security (Bug Hunting)
Hands-on exploitation of web apps and APIs with bug bounty–grade methodology and reporting discipline.
- Recon, threat modeling & attack-surface mapping
- AuthZ/AuthN weaknesses (IDOR, JWT, OAuth, MFA bypass)
- Advanced injection, deserialization, SSRF & RCE chains
Binary 0-Day Hunting
Modern 0-day pipeline: harness design, coverage-guided fuzzing, triage and root-cause analysis.
- Target selection & harness engineering (AFL++, libFuzzer)
- Coverage, sanitizers & corpus curation at scale
- Crash deduplication, triage, PoC stabilization & report prep
SOC Analyst Mastery
Operational SOC tradecraft: triage, correlation, detections and response under real pressure.
- Alert triage frameworks & signal quality
- Detection engineering fundamentals (SIEM/XDR)
- Case handling, scoping & escalation excellence
Threat Hunting Intensive
Hypothesis-driven hunts across endpoint, network and cloud—with repeatable methods and metrics.
- Hunt design: hypotheses, telemetry & success criteria
- Beaconing, C2 and living-off-the-land patterns
- Hunt automation, notebooks & reporting cadence
Advanced Network Forensics Lab
Deep packet analysis and session reconstruction used by international intelligence programs, leveraging state-of-the-art counter-surveillance techniques.
- PCAP reconstruction, flow stitching & timeline building
- Encrypted traffic analysis & protocol fingerprinting
- Evidence preservation & expert reporting